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Appendix A - Supported Functions 

1 . SARM Public Functions 

createSARMContext 
•Called by: IKE 
5 • Inputs: contextType (sender or receiver) 

• Output: supportedGearSuite, contextHandle 

• Description: This function will be called by the IKE module and will establish either a sender 
or receiver SARM context for a given connection. Calling this function will either spawn a new 
SARM thread or create a logical context within the ACSA Controller thread. During creation, 

10 the SARM will call a PF KEY function to retrieve the supported ACSA gears. Next, the SARM 
will query and retrieve the security condition from the NSSRM to determine if any gears should 
not be returned to IKE based on the currently defined security policy. Finally, the SARM will 
□ return the currently supported ACSA gear information to IKE to be used in ACSA gear 
^ negotiation. The thread responsible for this SARM context will wait for a setGearSuite 
lJS; command before performing any further actions. 

f*i deleteSARMContext 

5 • Called by: IKE 

CQ • Inputs: contextHandle 

20 • Output: none 

Q • Description: This function will be called by the IKE module whenever a Delete Payload 

y m message is received or any other indication than an SA has expired. This function will release 

: ^ the contextHandle. 

2pE[ receivelnboundControlMessage 
™ -Called by: IKE 

• Inputs: inboundControlMessage, contextHandle 

• Output: none 

• Description: Whenever the IKE module receives an ACSA control message, it will pass the 
30 control message to the appropriate SARM sender context. The SARM context will call 

determineSenderGear based on the receiver's authentication error information or recommended 
gear information. 

setGearSuite 
35 •Called by: IKE 

• Inputs: gearSuitelnfo, contextHandle 

• Output: none 

• Description: Upon the completion of ACSA gear suite negotiation, whether from an IKE 
initiator or IKE responder perspective, the IKE module will call this function to establish the set 

40 of gears which the SARM may select (sender) or recommend (receiver). This function will cause 
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the SARM to request resources from the NSSRM and then determine the appropriate gear to 
select or recommend from among the gear suite. If this is a sender context, the SARM will call 
PF_KEY and set the connection's gear. If this is a receiver context, the SARM will call 
PFKEY to set the partial receiver verification values for each gear of the gear suite. 

5 

setR esourceA llocation 

• Called by: NSSRM 

• Inputs: resourceAllocation, contextHandle 

• Output: none 

10 • Description: Periodically or when a dramatic resource change occurs, the NSSRM will notify 
the SARM of a new resource allocation. Based on this new resource allocation, each SARM 
context will re-determine the selected or recommended gear. 

setSecurityCondition 
fej • Called by: NSSRM or network application 
fjfi • Inputs: securityCondition, contextHandle 
n§ • Output: none 

• Description: Whenever a change in security policy or a security condition occurs, the NSSRM 
□ or network application will notify the SARM. Based on the revised security condition, each 

20 SARM context will re-determine the selected or recommended gear. 
5. 1 . 1 . 1 .2 SARM Private Functions 

:i 2. SARM Private Functions 

ru 

u ; createOutboundControlMessage 

|5 • When executed: As a result of a large disparity between the receiver's desired gear and the 
Q current gear detected when executing the determinePartialReceiverVerification function. 

• Description: This function will construct an appropriate control message based on the current 
available resources and the security condition. Possible messages include: ACSA-CHANGE- 
TO-BASE-GEAR-REQUESTED, ACSA-CHANGE-TO-MORE-SECURE-GEAR- 

30 REQUESTED, ACSA-CHANGE-TO-FASTER-GEAR-REQUESTED, ACSA-CHANGE-TO- 
NON-PMAC-GEAR-REQUESTED. 

determinePartialReceiverVerification 

• When executed: As a result of a SetGearSuite call, whenever the NSSRM updates the resource 
35 allocation, whenever the NSSRM updates the security condition, and periodically upon 

expiration of a timer. 

• Description: Upon any of the conditions described above, the SARM will recalculate the 
appropriate partial verification for the receiver context based on available resources and the 
security condition. Upon determining the partial verification, the SARM will call the 

40 setPartial Verification function within the PFKEY module. At this time the SARM will 

determined its desired gear. The desired gear is the receiver's best compromise of security and 
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resources. If there is a great disparity between the receiver's desired gear and the current gear, 
the S ARM may elect to call createOutboundControlMessage to notify the sender of the disparity. 

determineSenderGear 

5 • When executed: As a result of a SetGearSuite call, whenever an ACS A control message is 
received, whenever the NSSRM updates the resource allocation, whenever the NSSRM updates 
the security condition, and periodically upon expiration of a timer. 

• Description: Upon any of the conditions described above, the SARM will recalculate the 
appropriate gear for the sender context based on available resources and the security condition. 

10 Upon determining the appropriate gear, the SARM will call the setSenderGear function within 
the PF_KEY module. 

handleAuthError 

• When executed: Whenever the main thread detects that PF_KEY has written data to the 
FS authentication error socket. 

m • Description: Whenever the number of authentication errors for a connection exceeds the 

f j § authentication error threshold, the PF_KEY module will write the authentication error 

y : information into the authentication error socket. After reading the authentication error 

Q information, the SARM will then determine whether to notify the sender of a new recommended 

29 gear and will recalculate the receive partial verification values and notify the PF_KEY module of 

ES any changes. 

s 

S 2. NSSRM public functions 



p -Called by: SARM 
q • Inputs: contextHandle 

• Output: security Condition 

• Description: Upon creation, a SARM context will request the current security condition. 



requestResources 
•Called by: SARM 

• Inputs: contextHandle, gearSuitelnfo 

• Output: resourceAllocationValue 

35 • Description: Due to various events, the SARM will request resources to support authentication 
security of a connection it is managing. The NSSRM will allocate resources to the requesting 
SARM context based on its overall allocation from the HRM and the resource needs of any other 
SARM contexts. 

40 setResourceAllocation 



22 querySecurityCondition 



30 



•Called by: HRM 

• Inputs: resourceAllocation 
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• Output: none 

• Description: Periodically or when a dramatic resource change occurs, the HRM will notify the 
NSSRM of a new resource allocation. Based on this new resource allocation, the NSSRM will 
re-determine the resource allocation of all SARM contexts by invoking the 

5 recalculateResourceAllocation function. 

setSecurityCondition 
•Called by: HSM 

• Inputs: securityCondition 
10 • Output: none 

• Description: Whenever a change in security policy or a security condition occurs, the HSM will 
notify the NSSRM. Based on the revised security condition, the NSSRM may notify each SARM 
context which will in turn re-determine the selected or recommended gear. 

t% 4. NSSRM private functions 



fy determineResourceA {location 

M> • When executed: As a result of requestResources, setResource Allocation or 

G setSecurityCondition calls, and periodically upon expiration of a timer. 

f§ • Description: Upon any of the conditions described above, the NSSRM will recalculate the 

w appropriate gear for the sender context based on available resources and the security condition. 

!L Upon determining the appropriate gear, the SARM will call the setSenderGear function within 

5 the PFKEY module. 

P 5. PFJCEY public functions 



Q setPartialReceiver Verification 
•Called by: SARM 

• Inputs: gearReceiverVerificationValueStructure, contextHandle 
30 • Output: none 

• Description: Based on a number of conditions, a receiver SARM will call PFJCEY to set the 
partial verification values for all the gears of a gear suite corresponding to a given connection. 

setSenderGear 
35 -Called by: SARM 

• Inputs: gearlnfo, contextHandle 

• Output: none 

• Description: Based on a number of conditions, a sender SARM will call PF_KEY to set the 
gear that IPsec should apply when generating the sender authentication tag. 
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